配置 AuthorizationServer 並把我們服務組件組裝起來

AuthorizationServerConfiguration.java

importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.context.annotation.Configuration;importorg.springframework.security.authentication.AuthenticationManager;importorg.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;importorg.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;importorg.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;importorg.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;importorg.springframework.security.oauth2.provider.token.TokenStore;importorg.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;/**
* Created by samchu on 2017/2/15.
*/@Configuration@EnableAuthorizationServerpublicclassAuthorizationServerConfigurationextendsAuthorizationServerConfigurerAdapter{@AutowiredprivateCustomUserDetailsServiceuserDetailsService;@AutowiredprivateJwtAccessTokenConverterjwtAccessTokenConverter;@AutowiredprivateAuthenticationManagerauthenticationManager;@AutowiredprivateTokenStoretokenStore;@Overridepublicvoidconfigure(AuthorizationServerEndpointsConfigurerendpoints)throwsException{endpoints.tokenStore(tokenStore).userDetailsService(userDetailsService).authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter);}@Overridepublicvoidconfigure(ClientDetailsServiceConfigurerclients)throwsException{clients.inMemory().withClient("clientapp").authorizedGrantTypes("password","refresh_token").scopes("account","account.readonly","role","role.readonly").resourceIds("account").secret("123456").accessTokenValiditySeconds(3600).refreshTokenValiditySeconds(3600).and().withClient("clientkpi").authorizedGrantTypes("password","refresh_token").scopes("account","account.readonly","role","role.readonly").resourceIds("account","kpi").secret("123456").accessTokenValiditySeconds(3600).refreshTokenValiditySeconds(3600).and().withClient("web").redirectUris("http://www.google.com.tw").secret("123456").authorizedGrantTypes("implicit").scopes("account","account.readonly","role","role.readonly").resourceIds("friend","common","user").accessTokenValiditySeconds(3600);}}

implicit

<html><head><title>Login Page</title></head><bodyonload='document.f.username.focus();'><h3>Login with Username and Password</h3><formname='f'action='/login'method='POST'><table><tr><td>User:</td><td><inputtype='text'name='username'value=''></td></tr><tr><td>Password:</td><td><inputtype='password'name='password'/></td></tr><tr><tdcolspan='2'><inputname="submit"type="submit"value="Login"/></td></tr><inputname="_csrf"type="hidden"value="2c8806fa-ee70-44dc-b289-5dbc0df07ed9"/></table></form></body></html>